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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . This communication is responsive to Interview on 6/27/2008 . 

2. The allowed claim(s) is/are 55, 58 - 62 and 64 - 74 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) □ All b)DSome* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1 ) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1. 84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 
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6. S Interview Summary (PTO-413), 
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9. □ Other . 



PTOL-37 (Rev. 08-06) 



Notice of Allowability 



Part of Paper No./Mail Date 2008071 1 



Application/Control Number: 10/659,614 
Art Unit: 2131 



Page 2 



DETAILED ACTION 

Examiner's Amendment 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this Examiner's Amendment was given in a telephone interview with 
Shawn Doman (Reg. No. 60,362) on 27 June 2008. 

This application has been amended as follows: 
IN THE CLAIMS 

Cancel claim 1 - 54, 56 - 57, 63 and 75-117. 
Replace claim 55, 65 and 70 as follows. 

Claim 55: 

A method comprising: 

populating an access control list with a destination user group identifier, wherein said 
populating is performed by a network device and comprises sending a request to another 
network device, and receiving a response from said another network device, wherein said 
response includes said destination user group identifier, wherein 

said access control list is a role-based access control list, 

said destination user group identifier identifies a destination user group of a destination, 
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said access control list comprises a source user group field configured to store a source 
user group identifier and a destination user group field configured to store a destination user 
group identifier, 

said source user group comprises a plurality of source network devices, 
said source user group is assigned to said source based on a role of said source, 
said destination user group comprises a plurality of destination network devices, 
said destination user group is assigned to said destination based on a 

role of said destination, and 

said access control list is configured to allow said source user group identifier and said 

destination user group identifier to be compared. 

Claim 65: 

A computer program product comprising: 

a first set of instructions, executable on a computer system, configured to populate an 
access control list with a destination user group identifier, wherein said to populate is performed 
by a network device and comprises sending a request to another network device, and receiving 
a response from said another network device, wherein said response includes said destination 
user group identifier, wherein 

said access control list is a role-based access control list, 

said destination user group identifier identifies a destination user group of a destination, 
said access control list comprises a source user group field configured to store a source 

user group identifier and a destination user group field configured to store a destination user 

group identifier, 

said source user group comprises a plurality of source network devices, 
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said source user group is assigned to said source based on a role of said source, 
said destination user group comprises a plurality of destination network devices, 
said destination user group is assigned to said destination based on a 

role of said destination, and 

said access control list is configured to allow said source user group identifier and said 

destination user group identifier to be compared; and 

computer readable storage media, wherein said computer program product is 

encoded in said computer readable storage media. 

Claim 70: 

An apparatus comprising: 

means for populating an access control list with a destination user group identifier, 
wherein said populating is performed by a network device and comprises sending a request to 
another network device, and receiving a response from said another network device, wherein 
said response includes said destination user group identifier, wherein 

said access control list is a role-based access control list, 

said destination user group identifier identifies a destination user group of a destination, 
said access control list comprises a source user group field configured to store a source 

user group identifier and a destination user group field configured to store a destination user 

group identifier, 

said source user group comprises a plurality of source network devices, 

said source user group is assigned to said source based on a role of said source, 

said destination user group comprises a plurality of destination network devices, 
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said destination user group is assigned to said destination based on a role of said 
destination, and 

said access control list is configured to allow said source user group 
identifier and said destination user group identifier to be compared. 

Allowable Subject Matter 

Claims 55, 58 - 62 and 64 - 74 are allowed. 

The following is an examiner's statement of reasons for allowance: 
The above mentioned claims are allowable over prior arts because the CPA (Cited Prior Art) of 
record fails to teach or render obvious the claimed limitations in combination with the specific 
added limitations recited in claims 55, 65 and 70 (& associated dependent claims). 
The present invention is directed to A method comprising: 

populating an access control list with a destination user group identifier, wherein said 
access control list is a role-based access control list, said destination user group identifier 
identifies a destination user group of a destination, said access control list comprises a source 
user group field configured to store a source user group identifier and a destination user group 
field configured to store a destination user group identifier, said source user group comprises a 
plurality of source network devices, said source user group is assigned to said source based on 
a role of said source, said destination user group comprises a plurality of destination network 
devices, said destination user group is assigned to said destination based on a role of said 
destination, and said access control list is configured to allow said source user group identifier 
and said destination user group identifier to be compared. The closest prior arts on the record, 
either singularly or in combination fails to anticipate or render obvious the claimed invention that 
said populating is performed by a network device and comprises sending a request to another 
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network device, and receiving a response from said another network device, wherein said 
response includes said destination user group identifier. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the 
issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons 
for Allowance." 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Longbit Chai whose telephone number is 571-272-3788. The examiner 
can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 

Application Information Retrieval (PAIR) system. Status information for published applications 

may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

applications is available through Private PAIR only. For more information about the PAIR 

system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 

PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

/Longbit Chai/ 

Longbit Chai Ph.D. 
Patent Examiner 
Art Unit 2131 
7/12/2008 
/Ayaz R. Sheikh/ 

Supervisory Patent Examiner, Art Unit 2131 



